I'm assuming (perhaps incorrectly) that Darkmail will use public key cryptography, with users able to generate and keep their own keypairs so that even a central authority can't get at the keys via a secret warrant.

How do you plan to solve the problem of distributing and verifying the public keys?

To my knowledge the only solution which doesn't depend on a central authority (which we must assume to be compromised) for key verification is a web of trust, which depends a lot on users. If this is the solution you're using, what kind of tooling are you planning for allowing users to manage their web of trust?

The details haven't been explained to me yet, but my guess is the service provider will publish keys on behalf of its users.

Mechanisms are also being discussed that would make it impossible for a provider to secretly publish fake keys. The assumption is that if we know which providers can be compromised. That will lead us to also learn which providers can be trusted and eventually data will migrate into jurisdictions with strong privacy protection laws.